UNPKG

@baqhub/sdk

Version:

The official JavaScript SDK for the BAQ federated app platform.

baq.dev

baqhub/baq

83 lines (82 loc) 2.97 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.HttpSignature = void 0; const tslib_1 = require("tslib"); const constants_js_1 = require("../../constants.js"); const IO = tslib_1.__importStar(require("../../helpers/io.js")); const signature_js_1 = require("../../helpers/signature.js"); const string_js_1 = require("../../helpers/string.js"); const httpSignatureHeader_js_1 = require("./httpSignatureHeader.js"); // // Model. // var HttpSignaturePrefix; (function (HttpSignaturePrefix) { HttpSignaturePrefix["REQUEST"] = "baq.request"; HttpSignaturePrefix["RESPONSE"] = "baq.response"; })(HttpSignaturePrefix || (HttpSignaturePrefix = {})); const RHttpSignaturePrefix = IO.weakEnumeration(HttpSignaturePrefix); // // I/O. // function signatureToHeader(signature) { const pairs = [ ["id", signature.id], ["ts", signature.timestamp.toString()], ["nonce", signature.nonce], ["headers", signature.headers.map(httpSignatureHeader_js_1.RHttpSignatureHeader.encode).join(",")], ["signature", IO.base64Bytes.encode(signature.signature)], ]; const pairsString = pairs.map(([k, v]) => `${k}="${v}"`).join(" "); return `${constants_js_1.Constants.httpSignaturePrefix} ${pairsString}`; } // // Sign and Validate. // function buildSignatureString(prefix, signature, input) { const prefixString = RHttpSignaturePrefix.encode(prefix); const headersString = signature.headers .map(header => { const headerKey = httpSignatureHeader_js_1.RHttpSignatureHeader.encode(header); const headerValue = input.headerValues.get(header) || ""; return `${headerKey}=${headerValue}\n`; }) .join(""); return [ prefixString, signature.timestamp, signature.nonce, input.authorizationId || "", input.method, input.pathAndQuery, input.host, input.port, headersString, ].join("\n"); } function httpSign(prefix, appRecordId, privateKey, input) { const initialSignature = { id: appRecordId, timestamp: Date.now(), nonce: string_js_1.Str.random(8), headers: [...input.headerValues.keys()], signature: new Uint8Array(0), }; const signatureString = buildSignatureString(prefix, initialSignature, input); const signatureBytes = (0, signature_js_1.sign)(privateKey, IO.decode(IO.utf8Bytes, signatureString)); return { ...initialSignature, signature: signatureBytes, }; } function signatureForRequest(appRecordId, privateKey, input) { return httpSign(HttpSignaturePrefix.REQUEST, appRecordId, privateKey, input); } function signatureForResponse(appRecordId, privateKey, input) { return httpSign(HttpSignaturePrefix.RESPONSE, appRecordId, privateKey, input); } exports.HttpSignature = { request: signatureForRequest, response: signatureForResponse, toHeader: signatureToHeader, };